批量缩略图工具 V1.1简单算法分析
【文章标题】: 批量缩略图工具 V1.1简单算法分析【文章作者】: lzq1973
【作者邮箱】: [email protected]
【作者QQ号】: 150787972
【软件名称】: 批量缩略图工具 V1.1
【软件大小】: 439 KB
【下载地址】: http://www1.skycn.com/soft/25515.html
【加壳方式】: 无
【保护方式】: 注册码
【编写语言】: Borland Delphi 6.0 - 7.0
【使用工具】: OD、PEID
【操作平台】: WIN2000
【软件介绍】: 在网页制作中常常需要为大批量图片生成缩略图,“批量缩略图工具”就是这样一个工具,为JPG文件批量生成缩略图。
【作者声明】: 只是感兴趣,没有其他目的。失误之处敬请诸位大侠赐教!
--------------------------------------------------------------------------------
【详细过程】
以前(0.8时)就对它动过刀,那时手生的很,导致好多人说破解不完全,今又看到了新版本,于是看看近来俺是不是有点进步。
注册信息保存在BatchPic.ini,注册码必须为8位。
OD载入,查找相关字符串中断在这里
004A5AD8/.55 PUSH EBP
004A5AD9|.8BEC MOV EBP,ESP
004A5ADB|.33C9 XOR ECX,ECX
004A5ADD|.51 PUSH ECX
004A5ADE|.51 PUSH ECX
004A5ADF|.51 PUSH ECX
004A5AE0|.51 PUSH ECX
004A5AE1|.51 PUSH ECX
004A5AE2|.51 PUSH ECX
004A5AE3|.51 PUSH ECX
004A5AE4|.53 PUSH EBX
004A5AE5|.56 PUSH ESI
004A5AE6|.8BD8 MOV EBX,EAX
004A5AE8|.33C0 XOR EAX,EAX ;EAX=00D7566C, (ASCII "lTJ")
004A5AEA|.55 PUSH EBP
004A5AEB|.68 6D5C4A00 PUSH BatchPic.004A5C6D
004A5AF0|.64:FF30 PUSH DWORD PTR FS:
004A5AF3|.64:8920 MOV DWORD PTR FS:,ESP
004A5AF6|.8D55 FC LEA EDX,DWORD PTR SS:
004A5AF9|.8B83 28030000 MOV EAX,DWORD PTR DS:
004A5AFF|.E8 B099FBFF CALL BatchPic.0045F4B4
004A5B04|.8B45 FC MOV EAX,DWORD PTR SS: ;假码
004A5B07|.E8 1CE9F5FF CALL BatchPic.00404428
004A5B0C|.83F8 08 CMP EAX,8 ;注册码长度为8
004A5B0F|.74 3F JE SHORT BatchPic.004A5B50 ;长度相等就跳
004A5B11|.6A 10 PUSH 10
004A5B13|.8D55 F8 LEA EDX,DWORD PTR SS:
004A5B16|.A1 BCAF4A00 MOV EAX,DWORD PTR DS:
004A5B1B|.8B00 MOV EAX,DWORD PTR DS:
004A5B1D|.E8 4E93FDFF CALL BatchPic.0047EE70
004A5B22|.8B45 F8 MOV EAX,DWORD PTR SS:
004A5B25|.E8 FEEAF5FF CALL BatchPic.00404628
004A5B2A|.50 PUSH EAX
004A5B2B|.68 7C5C4A00 PUSH BatchPic.004A5C7C ;注册码错误!
004A5B30|.8BC3 MOV EAX,EBX
004A5B32|.E8 9D01FCFF CALL BatchPic.00465CD4
004A5B37|.50 PUSH EAX ; |hOwner
004A5B38|.E8 AF11F6FF CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
004A5B3D|.8B83 28030000 MOV EAX,DWORD PTR DS:
004A5B43|.8B10 MOV EDX,DWORD PTR DS:
004A5B45|.FF92 C4000000 CALL DWORD PTR DS:
004A5B4B|.E9 DA000000 JMP BatchPic.004A5C2A
004A5B50|>8D55 F4 LEA EDX,DWORD PTR SS:
004A5B53|.8B83 28030000 MOV EAX,DWORD PTR DS:
004A5B59|.E8 5699FBFF CALL BatchPic.0045F4B4
004A5B5E|.8B45 F4 MOV EAX,DWORD PTR SS: ;假码
004A5B61|.50 PUSH EAX
004A5B62|.8D45 F0 LEA EAX,DWORD PTR SS:
004A5B65|.E8 120E0000 CALL BatchPic.004A697C
004A5B6A|.8B45 F0 MOV EAX,DWORD PTR SS: ;机器码
004A5B6D|.5A POP EDX
004A5B6E|.E8 D10C0000 CALL BatchPic.004A6844 ;关键(F7跟进)
004A5B73|.84C0 TEST AL,AL
004A5B75|.74 79 JE SHORT BatchPic.004A5BF0
004A5B77|.A1 FCAC4A00 MOV EAX,DWORD PTR DS:
004A5B7C|.C600 01 MOV BYTE PTR DS:,1
004A5B7F|.8D55 EC LEA EDX,DWORD PTR SS:
004A5B82|.8B83 28030000 MOV EAX,DWORD PTR DS:
004A5B88|.E8 2799FBFF CALL BatchPic.0045F4B4
004A5B8D|.8B45 EC MOV EAX,DWORD PTR SS:
004A5B90|.50 PUSH EAX
004A5B91|.A1 CCAF4A00 MOV EAX,DWORD PTR DS:
004A5B96|.8B00 MOV EAX,DWORD PTR DS:
004A5B98|.B9 945C4A00 MOV ECX,BatchPic.004A5C94 ;key
004A5B9D|.BA A05C4A00 MOV EDX,BatchPic.004A5CA0 ;regcode
004A5BA2|.8B30 MOV ESI,DWORD PTR DS:
004A5BA4|.FF56 04 CALL DWORD PTR DS:
004A5BA7|.6A 40 PUSH 40
004A5BA9|.8D55 E8 LEA EDX,DWORD PTR SS:
004A5BAC|.A1 BCAF4A00 MOV EAX,DWORD PTR DS:
004A5BB1|.8B00 MOV EAX,DWORD PTR DS:
004A5BB3|.E8 B892FDFF CALL BatchPic.0047EE70
004A5BB8|.8B45 E8 MOV EAX,DWORD PTR SS:
004A5BBB|.E8 68EAF5FF CALL BatchPic.00404628
004A5BC0|.50 PUSH EAX
004A5BC1|.68 A85C4A00 PUSH BatchPic.004A5CA8 ;注册成功!
004A5BC6|.8BC3 MOV EAX,EBX
004A5BC8|.E8 0701FCFF CALL BatchPic.00465CD4
004A5BCD|.50 PUSH EAX ; |hOwner
004A5BCE|.E8 1911F6FF CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
004A5BD3|.A1 ACAE4A00 MOV EAX,DWORD PTR DS:
004A5BD8|.8B00 MOV EAX,DWORD PTR DS:
004A5BDA|.8B80 84030000 MOV EAX,DWORD PTR DS:
004A5BE0|.33D2 XOR EDX,EDX
004A5BE2|.E8 ED97FBFF CALL BatchPic.0045F3D4
004A5BE7|.8BC3 MOV EAX,EBX
004A5BE9|.E8 2E60FDFF CALL BatchPic.0047BC1C
004A5BEE|.EB 3A JMP SHORT BatchPic.004A5C2A
004A5BF0|>6A 10 PUSH 10
004A5BF2|.8D55 E4 LEA EDX,DWORD PTR SS:
004A5BF5|.A1 BCAF4A00 MOV EAX,DWORD PTR DS:
004A5BFA|.8B00 MOV EAX,DWORD PTR DS:
004A5BFC|.E8 6F92FDFF CALL BatchPic.0047EE70
004A5C01|.8B45 E4 MOV EAX,DWORD PTR SS:
004A5C04|.E8 1FEAF5FF CALL BatchPic.00404628
004A5C09|.50 PUSH EAX
004A5C0A|.68 7C5C4A00 PUSH BatchPic.004A5C7C ;注册码错误!
004A5C0F|.8BC3 MOV EAX,EBX
004A5C11|.E8 BE00FCFF CALL BatchPic.00465CD4
004A5C16|.50 PUSH EAX ; |hOwner
004A5C17|.E8 D010F6FF CALL <JMP.&user32.MessageBoxA> ; \MessageBoxA
004A5C1C|.8B83 28030000 MOV EAX,DWORD PTR DS:
004A5C22|.8B10 MOV EDX,DWORD PTR DS:
004A5C24|.FF92 C4000000 CALL DWORD PTR DS:
004A5C2A|>33C0 XOR EAX,EAX
004A5C2C|.5A POP EDX
004A5C2D|.59 POP ECX
004A5C2E|.59 POP ECX
004A5C2F|.64:8910 MOV DWORD PTR FS:,EDX
004A5C32|.68 745C4A00 PUSH BatchPic.004A5C74
004A5C37|>8D45 E4 LEA EAX,DWORD PTR SS:
004A5C3A|.BA 02000000 MOV EDX,2
004A5C3F|.E8 48E5F5FF CALL BatchPic.0040418C
004A5C44|.8D45 EC LEA EAX,DWORD PTR SS:
004A5C47|.E8 1CE5F5FF CALL BatchPic.00404168
004A5C4C|.8D45 F0 LEA EAX,DWORD PTR SS:
004A5C4F|.E8 14E5F5FF CALL BatchPic.00404168
004A5C54|.8D45 F4 LEA EAX,DWORD PTR SS:
004A5C57|.E8 0CE5F5FF CALL BatchPic.00404168
004A5C5C|.8D45 F8 LEA EAX,DWORD PTR SS:
004A5C5F|.E8 04E5F5FF CALL BatchPic.00404168
004A5C64|.8D45 FC LEA EAX,DWORD PTR SS:
004A5C67|.E8 FCE4F5FF CALL BatchPic.00404168
004A5C6C\.C3 RETN
004A5C6D .^ E9 76DEF5FF JMP BatchPic.00403AE8
004A5C72 .^ EB C3 JMP SHORT BatchPic.004A5C37
004A5C74 .5E POP ESI
004A5C75 .5B POP EBX
004A5C76 .8BE5 MOV ESP,EBP
004A5C78 .5D POP EBP
004A5C79 .C3 RETN
------ 在这里 004A5B6E|.E8 D10C0000 CALL BatchPic.004A6844F7跟进-------------
004A6844/$55 PUSH EBP
004A6845|.8BEC MOV EBP,ESP
004A6847|.83C4 F8 ADD ESP,-8
004A684A|.53 PUSH EBX ;(ASCII "lTJ")
004A684B|.56 PUSH ESI
004A684C|.8955 F8 MOV DWORD PTR SS:,EDX ;假码
004A684F|.8945 FC MOV DWORD PTR SS:,EAX ;机器码
004A6852|.8B45 FC MOV EAX,DWORD PTR SS:
004A6855|.E8 BEDDF5FF CALL BatchPic.00404618
004A685A|.8B45 F8 MOV EAX,DWORD PTR SS:
004A685D|.E8 B6DDF5FF CALL BatchPic.00404618
004A6862|.33C0 XOR EAX,EAX
004A6864|.55 PUSH EBP
004A6865|.68 C0684A00 PUSH BatchPic.004A68C0
004A686A|.64:FF30 PUSH DWORD PTR FS:
004A686D|.64:8920 MOV DWORD PTR FS:,ESP
004A6870|.B3 01 MOV BL,1 ;BL=6C ('l')
004A6872|.8B45 F8 MOV EAX,DWORD PTR SS: ;假码
004A6875|.E8 AEDBF5FF CALL BatchPic.00404428
004A687A|.83F8 08 CMP EAX,8
004A687D|.74 04 JE SHORT BatchPic.004A6883
004A687F|.33DB XOR EBX,EBX
004A6881|.EB 22 JMP SHORT BatchPic.004A68A5
004A6883|>BE 01000000 MOV ESI,1
004A6888|>8B45 FC /MOV EAX,DWORD PTR SS: ;机器码堆栈(ASCII "35599323")
004A688B|.8A4430 FF |MOV AL,BYTE PTR DS: ;逐位取,DS:=33 ('3')
004A688F|.E8 50FFFFFF |CALL BatchPic.004A67E4 ;这里就是逐位计算注册码的
004A6894|.8B55 F8 |MOV EDX,DWORD PTR SS: ;假码
004A6897|.3A4432 FF |CMP AL,BYTE PTR DS:
004A689B|.74 02 |JE SHORT BatchPic.004A689F
004A689D|.33DB |XOR EBX,EBX
004A689F|>46 |INC ESI
004A68A0|.83FE 09 |CMP ESI,9
004A68A3|.^ 75 E3 \JNZ SHORT BatchPic.004A6888
004A68A5|>33C0 XOR EAX,EAX
004A68A7|.5A POP EDX
004A68A8|.59 POP ECX
004A68A9|.59 POP ECX
004A68AA|.64:8910 MOV DWORD PTR FS:,EDX
004A68AD|.68 C7684A00 PUSH BatchPic.004A68C7
004A68B2|>8D45 F8 LEA EAX,DWORD PTR SS:
004A68B5|.BA 02000000 MOV EDX,2
004A68BA|.E8 CDD8F5FF CALL BatchPic.0040418C
004A68BF\.C3 RETN
004A68C0 .^ E9 23D2F5FF JMP BatchPic.00403AE8
004A68C5 .^ EB EB JMP SHORT BatchPic.004A68B2
004A68C7 .8BC3 MOV EAX,EBX
004A68C9 .5E POP ESI
004A68CA .5B POP EBX
004A68CB .59 POP ECX
004A68CC .59 POP ECX
004A68CD .5D POP EBP
004A68CE .C3 RETN
-------- 在这里 004A688F|.E8 50FFFFFF |CALL BatchPic.004A67E4F7跟进--------
004A67E4/$25 FF000000 AND EAX,0FF ;与运算
004A67E9|.83C0 D0 ADD EAX,-30 ;Switch (cases 30..39)
004A67EC|.83F8 09 CMP EAX,9
004A67EF|.77 4D JA SHORT BatchPic.004A683E
004A67F1|.FF2485 F8674A>JMP DWORD PTR DS:
004A67F8|.20684A00 DD BatchPic.004A6820 ;分支表 被用于 004A67F1
004A67FC|.23684A00 DD BatchPic.004A6823
004A6800|.26684A00 DD BatchPic.004A6826
004A6804|.29684A00 DD BatchPic.004A6829
004A6808|.2C684A00 DD BatchPic.004A682C
004A680C|.2F684A00 DD BatchPic.004A682F
004A6810|.32684A00 DD BatchPic.004A6832
004A6814|.35684A00 DD BatchPic.004A6835
004A6818|.38684A00 DD BatchPic.004A6838
004A681C|.3B684A00 DD BatchPic.004A683B
004A6820|>B0 38 MOV AL,38 ;Case 30 ('0') of switch 004A67E9
004A6822|.C3 RETN
004A6823|>B0 36 MOV AL,36 ;Case 31 ('1') of switch 004A67E9
004A6825|.C3 RETN
004A6826|>B0 34 MOV AL,34 ;Case 32 ('2') of switch 004A67E9
004A6828|.C3 RETN
004A6829|>B0 30 MOV AL,30 ;Case 33 ('3') of switch 004A67E9
004A682B|.C3 RETN
004A682C|>B0 35 MOV AL,35 ;Case 34 ('4') of switch 004A67E9
004A682E|.C3 RETN
004A682F|>B0 32 MOV AL,32 ;Case 35 ('5') of switch 004A67E9
004A6831|.C3 RETN
004A6832|>B0 39 MOV AL,39 ;Case 36 ('6') of switch 004A67E9
004A6834|.C3 RETN
004A6835|>B0 31 MOV AL,31 ;Case 37 ('7') of switch 004A67E9
004A6837|.C3 RETN
004A6838|>B0 33 MOV AL,33 ;Case 38 ('8') of switch 004A67E9
004A683A|.C3 RETN
004A683B|>B0 37 MOV AL,37 ;Case 39 ('9') of switch 004A67E9
004A683D|.C3 RETN
004A683E|>33C0 XOR EAX,EAX ;Default case of switch 004A67E9
004A6840\.C3 RETN
好了,就到这里吧~~(一休哥要休息了)
--------------------------------------------------------------------------------
【经验总结】
总的说来,还是很简单的,注册码是通过两组数字相对应而来的
机器码组成部分: 0 1 2 3 4 5 6 7 8 9
注册码组成部分: 8 6 4 0 5 2 9 1 3 7
如
我的机器码为:35599323
那注册码就是:02277040
--------------------------------------------------------------------------------
【版权声明】: 本文属于大家的, 转载请注明作者并保持文章的完整, 谢谢!
2006年03月27日 11:00:13
回复 1# lzq1973 的帖子
感谢楼主!!!/:014
页:
[1]